Lucene search
+L

143 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:54 a.m.9 views

CVE-2022-23137

ZTE's ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered...

6.1CVSS6AI score0.00525EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.7 views

WordPress plugin MG AdvancedOptions 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.9AI score0.00261EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.5 views

Tarkov Data Manager 跨站脚本漏洞

Tarkov Data Manager is a database management tool from The Hideout open source. A cross-site scripting vulnerability exists in versions of Tarkov Data Manager prior to 02/01/2025, which stems from the presence of reflective cross-site scripting in the toast notification system that could lead to ...

9.3CVSS5.9AI score0.00202EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/15 12:0 a.m.4 views

Jorani 跨站脚本漏洞

Jorani is a leave management system by Benjamin BALET, an individual developer in France. It is intended to provide a simple workflow for leave and overtime requests for small organizations. A cross-site scripting vulnerability exists in Jorani version 1.0.3, which stems from the presence of...

5.1CVSS6.4AI score0.00311EPSS
Exploits0References4
OSV
OSV
added 2025/12/09 6:15 p.m.5 views

CVE-2025-34409

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...

6.1CVSS6AI score0.00418EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.6 views

NiceGUI 跨站脚本漏洞

NiceGUI is an easy-to-use, Python-based UI framework open-sourced by NiceGUI. A cross-site scripting vulnerability exists in NiceGUI 3.3.1 and earlier versions, which stems from insufficient cleanup and escaping of the ui.addcss, ui.addscss, and ui.addsass functions, and could lead to a reflectiv...

6.1CVSS5.8AI score0.00232EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.5 views

xCally Omnichannel 跨站脚本漏洞

xCally Omnichannel is an integrated communication platform from the Italian company xCally. A cross-site scripting vulnerability exists in xCally Omnichannel version v3.30.1, which stems from reflective cross-site scripting and could lead to an attacker executing malicious JavaScript code...

5.1CVSS6.1AI score0.00299EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.5 views

SAP Business Connector 跨站脚本漏洞

SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector due to improper validation of user-supplied input in the PRTG Web Monitor web interface. An attacker could exploit the vulnerability to access or modify information with...

6.1CVSS5.7AI score0.00237EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/13 12:0 a.m.6 views

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.5.0 that stems from insufficient cleaning and escaping of the idpet parameter, which could lead to a reflective cross-site scriptin...

6.1CVSS5.9AI score0.00219EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-2966

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/08 12:0 a.m.6 views

Codester WebWork - PHP Search Engine Script 跨站脚本漏洞

Codester WebWork - PHP Search Engine Script is an open source search engine script from Codester. A cross-site scripting vulnerability exists in Codester WebWork - PHP Search Engine Script, which stems from the fact that incorrect manipulation of the parameters q and engine can lead to reflective...

5.1CVSS6AI score0.0048EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/01 12:0 a.m.4 views

Sunnet eHRD CTMS 跨站脚本漏洞

Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from Sunnet China Sunnet. A cross-site scripting vulnerability exists in Sunnet eHRD CTMS that stems from a reflective cross-site scripting issue that could lead to arbitrary JavaScript code execution...

6.1CVSS6.6AI score0.00245EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.5 views

FoxCMS 安全漏洞

FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS. A security vulnerability exists in FoxCMS v1.2.6, which stems from a reflective cross-site scripting vulnerability that could lead to the execution of arbitrary JavaScript code...

8.8CVSS6.2AI score0.0046EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.6 views

Liferay Portal和Liferay DXP 跨站脚本漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.9CVSS6AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/29 12:0 a.m.4 views

Human Resource Management System 跨站脚本漏洞

Human Resource Management System is a human resource management system by maverickosama Individual Developer. A cross-site scripting vulnerability exists in Human Resource Management System version 1.0, which stems from an unvalidated employeeid parameter and could lead to a reflective cross-site...

6.1CVSS6.1AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.4 views

JetBrains TeamCity 跨站脚本漏洞

JetBrains TeamCity is a Continuous Integration CI/CD tool developed by JetBrains, Inc. to automate the software build, test and deployment process. JetBrains TeamCity suffers from a cross-site scripting vulnerability that stems from the presence of reflective cross-site scripting on the...

4.8CVSS6.3AI score0.00729EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.4 views

MedDream PACS Premium 跨站脚本漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the radiationDoseReport.php function. No detailed...

6.1CVSS5.7AI score0.00712EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.6 views

Eclipse GlassFish 跨站脚本漏洞

Eclipse GlassFish is an open source application server from the Eclipse Foundation. A cross-site scripting vulnerability exists in Eclipse GlassFish version 7.0.15, which stems from a risk of a reflective cross-site scripting attack in the management console...

6.1CVSS5.9AI score0.00198EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.5 views

WordPress plugin Electrician - Electrical Service WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Electrician - Electrical...

7.1CVSS5.9AI score0.00235EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.4 views

WordPress plugin Hostel 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

6.1CVSS5.9AI score0.00228EPSS
Exploits1References2
Rows per page
Query Builder